CGIDir Wednesday, October 18, 2006; 03:28 AM
Breach Security, Inc. announced the release of the ModSecurity version
2.0 open source Web application firewall. ModSecurity version 2.0
provides greater flexibility, enhanced attack detection, and support
for XML and Web Services. At the same time, Breach Security is
releasing the ModSecurity Console for monitoring multiple sensors and
ModSecurity Core Rules that together provide easy-to-deploy baseline
Web application security.
"ModSecurity version 2.0 is the next generation code -- it is a
complete rewrite," said Ivan Ristic, chief evangelist, Breach Security,
Inc. "I am pleased that the original architecture lasted for several
years, but it is now time to move on. The new architecture builds on
everything we have learned and paves the way for serving a broader
range of organizations with advanced Web application security."
ModSecurity is a highly flexible Web application firewall that can be
used for a wide range of functions including Web application
monitoring, Web intrusion detection and prevention, as well as "just in
time" patching of known vulnerabilities. It can be used embedded into
the Apache Web server, or standalone, with the ability to protect
multiple Web servers of any type. New capabilities include:
* Session Management: ModSecurity v2.0 can track and monitor user
sessions providing protection against session hijacking and support
for session-based anomaly detection.
* Events correlation: enables detection of attacks spanning multiple
requests such as brute force and denial of service attacks, as well as
attack reconnaissance. This enables ModSecurity v2.0 to block hackers
before they can launch a significant attack.
* Enhanced Analysis Engine: more granular rules facilities provide
focused analysis of specific HTTP components, such as only searching
for a signature in response headers.
* XML Content Analysis: ModSecurity now supports analyzing XML and can be
configured to protect Web Services.
In addition to releasing ModSecurity v2.0, Breach Security also
introduced the ModSecurity Core Rules and the ModSecurity Console. With
the Core Rules, ModSecurity v2.0 is easier to deploy and delivers
immediate protection for Web applications. The Core Rules detect common
Web application security issues such as SQL injection, Cross-Site
Scripting (XSS) and OS Command Execution. Breach Security has certified
the rules set to be effective and efficiently written.
The ModSecurity Console is a network-based tool designed to collect
logs and alerts from remote ModSecurity sensors in real-time, providing
security analysts with a single interface for monitoring the security
of their Web applications. The ModSecurity Console manages up to three
sensors. It is offered free-of-charge for a limited time.
"With the availability of ModSecurity v2.0, Breach Security can now
serve a broader range of organizations with the new architecture
enabling us to deliver on the promise of a Web application firewall for
everyone," said Marc Shinbrood, CEO, Breach Security, Inc. "We are
proud of Ivan's achievements and will continue to support the
development and improvement of the open source Web application
firewall."
Breach Security said it will continue to leverage the ModSecurity
version 2.0 code base to introduce low cost, in-line Web application
firewall appliances to serve the small-to-medium business community.
Early next year, the company will deliver enterprise data center
appliances for large organizations managing high-volume business
critical Web applications.
ModSecurity v2.0, the ModSecurity Console and the Core Rules are all
available for download free-of-charge at http://www.modsecurity.org/.
|